|
|
A
verifier makes sure that a class loaded is not malicious. It repeats
many checks that the compiler runs as well. Why? Because anyone
can write a Java Compiler, like IBM's Jikes compiler. Thus, anyone
can write a compiler that creates malicious code, so the class files should
be double checked.
-
The verifier makes sure that...
-
variables are initialized before use
-
method calls match types of object references
-
private data rules are not violated
-
local variable accesses are within the runtime stack
-
runtime stack does not overflow
-
The book has an example of making a quick Java class that violates these
rules. But this is actually quite a detailed process, so we'll skip it.
But, if you find this process interesting, feel free to run through the
example on pages 873-877.
Security Managers, Permissions
|